Page MenuHomeFreeBSD

Fix possible panic during ifnet detach in rtsock

Authored by ae on Nov 26 2018, 11:36 AM.



This patch is targeted to fix possible panic in rtsock code, that can happen during ifnet detach.

The panic can happen, when some application does dump of routing table using sysctl interface. To prevent this, I set IFF_DYING flag in if_detach_internal() function, when ifnet under lock is removed from the chain. In sysctl_rtsock() take IFNET_RLOCK_NOSLEEP() to prevent ifnet detach during routes enumeration. In case, if some interface was detached in time before we take the lock, add the check, that ifnet is not DYING. This prevents access to memory that could be freed after ifnet is unlinked.

The change can be MFCed to stable/11, since the logic and macro name is still the same.

Diff Detail

rS FreeBSD src repository
Lint Skipped
Unit Tests Skipped
Build Status
Buildable 21209

Event Timeline

ae created this revision.Nov 26 2018, 11:36 AM
bz added a subscriber: bz.Nov 26 2018, 2:13 PM
bz added inline comments.

Do you want to assert that the locks are held as expected in here?


Can you please commit the whitespace changes separately?

ae updated this revision to Diff 51135.Nov 26 2018, 9:24 PM
ae marked an inline comment as done.

Added IFNET_RLOCK_NOSLEEP_ASSERT(). Removed whitespace changes.

ae marked 2 inline comments as done.Nov 26 2018, 9:24 PM
ae added inline comments.

I can add IFNET_RLOCK_NOSLEEP_ASSERT() here, but adding of RIB_LOCK_ASSERT() needs more intrusive change.

bz accepted this revision.Nov 27 2018, 12:06 AM
This revision is now accepted and ready to land.Nov 27 2018, 12:06 AM
This revision was automatically updated to reflect the committed changes.
ae marked an inline comment as done.